Exception Handlings in .net..?

In this article I'm trying to explain what are the exceptions and different types of exceptions and working with multiple catch blocks and working with try catch and finally blocks with small small examples. And discussing with User Defined exceptions and system exceptions.

Exception Handlings:

In this article I'm trying to explain what are the exceptions and types of exceptions and working with multiple catch blocks and working with try catch and finally blocks with small small examples.

As we have learnt that when ever an exception occurs our program terminates abnormally with out the next lines of code, even if the next lines of code is not related to exception. so if we can stop the abnormal termination of program we can make the statements which are not related with the exceptions to execute. If we want to handle an exception our code should be enclosed under some special blocks.i.e. try, catch block which has to be used as following.

Try, Catch Blocks:

Try{-statements which will cause an exception -statements which doesn't require exception when exception occurs.}-------multiple catch blocks.

When the code is enclosed under try and catch blocks the execution of program takes place the following. If all the statements in try are executed successfully from the last statement of try the control directly jumps the first statement which is present after catch block without executing any catch block. If any statement in try faces (or) comes across an exception from that line the control directly jumps to the catch blocks checking for a matching catch block. If a matching block is available abnormal termination stops there executes the code under the catch block and then jumps to the first statement after catch block. If matching catching block is not available the abnormal termination occurs again.EX: Add a class Demo.cs

In the above program if the value to the divisor is gives as one the exception of program steps because return statement will jump to control out of the method. But all this happen only after execution of finally block. Because once control enters into try without executing finally we can't stop the execution of a program.

Message is a virtual property of exception class which returns the error message. i.e. associated with currently occurred exception. As message is a virtual property that can be overridden any predefined class exception will override the message property to provide the error message specific to the exception. Message is a read-only property which contains only the get block in it.so predefined exception will be internally defined as following.Prototype:

Note: The above prototype used to, if required you can also define our own exception classes.

Try, Catch and Finally:

These three blocks can be used in3 different combinations.

1.try and catch: Here any exception that in a program gets handled.

2.try ,catch and finally: There will be same as above but all the statements in the finally block gets executed at any cost.3.try and finally: Here exceptions are not handled when they occur so abnormal termination will not stop. But even if the program is abnormally going to terminated finally block gets executed.

Before you start reading this article you need to ensure you satisfy all the pre-requisites. You must:

. be familiar with .NET Framework 2.0 or above . have C# coding skills . have knowledge of SQL Server 2005 or above . be familiar with Visual Studio 2005 or above . be familiar with creating web application in Visual Studio 2005 or above

Overview

Error Handling has always been crucial for an application in a number of ways. It may affect the execution state of the application, or expose sensitive information to a user. If the error handling is not strong, it may aid the attacker, as the errors returned may assist them in constructing correct attack factors.

An important part of secure application development is to prevent leakage of superfluous information to end user. Error messages (if not proper) may give an attacker great insight into the inner workings of an application.What are Exceptions

Moving on to the definition, exceptions are basically the unforeseen errors that happen in our programs. Most of the time one can (and should) detect and handle application errors in the code. For example, validate user input data, check for null objects,verify the values returned from methods are what one expect, are all examples of good standard error handling that one should be taking care of all the time.Handling the Anomalies

Tracing and handling of execution time errors is one of the most crucial tasks ahead of any programmer. But, before discussing the same, let's look at compile time errors, which are errors that occur during compilation of application. They may cause due to bad coding, misspelling of syntaxes, and so on.

On the other hand, runtime errors occur at the time the program executes and can't be corrected. A developer can, however, take preventive measures while coding the program. To do so, he should first identify these two aspects:

Discover the parts of a program that are most likely to emit errors at execution time. Handle those errors according to the language conventions.

When an exception occurs the program flow for the executing method is interrupted. If the exception is not handled explicitly, the method exits and the exception is escalated to the calling function. This calling function has the opportunity to handle that error. The process continues until the exception is handled by the application or it reaches the Language's runtime system.

An unhandled exception that reaches the Language's runtime system causes the immediate, abnormal termination of the program. This can be a problem as the exception is reported to the end user in form of a message or dialog box containing standard information and technical details that may be misunderstood. During debugging this may be useful but in a production system it is generally considered unacceptable. It can also permit the user to attempt to continue to run a program that, due to errors, has become unstable.

A generic custom error page for most errors is recommended. This approach makes it more difficult for attackers to identify signatures of potentially successful attacks. There are methods which can circumvent systems with leading error handling practices which should be kept in mind: Attacks like SQL injection can be used to address such generic responses.

The other key area relating to error handling is the premise of "fail securely". Errors induced should not leave the application in an insecure state. Resources should be locked down and released, sessions terminated (if required), and calculations or business logic should be halted (depending on the type of error, of course).

"The purpose of reviewing the Error Handling code is to assure that the application fails safely under all possible error conditions, expected and unexpected. No sensitive information is presented to the user when an error occurs." Exception handling in General

C# provides an elegant way to handle runtime errors with the help of the try, catch, and finally keywords. No matter we write a code for a small application or a business level application, the exceptions could be categorized into three basic levels

Level 3 exceptions commonly need to be centralized at application level, so that when an exception having such behaviour occurs, it is taken care of with immediate effects, In .Net this could be achieved by two methods,

A. Handling the Exception in Global.asax.

B. Handling the exception in web.config.

Since these are the exceptions thrown by Runtime Environment, the exact behaviour of this type of exception is hard to trace.Right Approach

This content focusses more on technical feasibility and implementation of the same, we see here how the points discussed above are disguised in the form of code and learn how to implement these points practically in our application.The Building Blocks

In .NET a System.Exception object exists. Mostly used child objects such as ApplicationException and SystemException are used. It's not recommended that one throws or catches a SystemException as that is thrown by CLR automatically.

When an error occurs, the system or the currently executing application reports it by throwing an exception containing information about the error. Once an exception thrown, it is handled by the application or by the default exception handler. This exception object contains methods such as:

StackTrace of Exception Source of Exception Message in Exception InnerException of that object

In .NET we need to look at the error handling strategy from the point of view of global error handling and handling of unexpected errors.

To avoid program to crash, the exceptions must be caught using a try-catch statement.

thanksketan

Notify me by email when others post comments to this article.

Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.